Skip to content

Commit 659f410

Browse files
dkcummingdkcumming
committed
Added challenge 11 proofs to workflow
Removed old unchecked_arithmetic proofs
1 parent d7f7537 commit 659f410

14 files changed

Lines changed: 763 additions & 155 deletions

File tree

.github/workflows/kmir.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,12 +22,12 @@ jobs:
2222
- name: Checkout Repository
2323
uses: actions/checkout@v4
2424

25-
- name: Run Proofs in Tool Container
25+
- name: Run Challenge 11 Proofs
2626
run: |
2727
docker run --rm -t \
2828
--name ${{ env.container_name }} \
2929
-w /home/kmir/workspace \
3030
-u $(id -u):$(id -g) \
3131
-v $PWD:/home/kmir/workspace \
3232
runtimeverificationinc/kmir:ubuntu-jammy-latest \
33-
kmir-proofs/unchecked_arithmetic/run-proofs.sh
33+
kmir-proofs/0011-floats-ints/run-proofs.sh

kmir-proofs/0011-floats-ints/carrying_mul.rs

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
#![feature(bigint_helper_methods)]
2+
3+
fn main() {
4+
carrying_mul_u8(0, 0, 0);
5+
carrying_mul_u16(0, 0, 0);
6+
carrying_mul_u32(0, 0, 0);
7+
carrying_mul_u64(0, 0, 0);
8+
}
9+
10+
fn carrying_mul_u8(a: u8, b: u8, c: u8) {
11+
let (lo, hi) = a.carrying_mul(b, c);
12+
let expected = (a as u16) * (b as u16) + (c as u16);
13+
assert!(lo == (expected as u8));
14+
assert!(hi == ((expected >> u8::BITS) as u8));
15+
}
16+
17+
fn carrying_mul_u16(a: u16, b: u16, c: u16) {
18+
let (lo, hi) = a.carrying_mul(b, c);
19+
let expected = (a as u32) * (b as u32) + (c as u32);
20+
assert!(lo == (expected as u16));
21+
assert!(hi == ((expected >> u16::BITS) as u16));
22+
}
23+
24+
fn carrying_mul_u32(a: u32, b: u32, c: u32) {
25+
let (lo, hi) = a.carrying_mul(b, c);
26+
let expected = (a as u64) * (b as u64) + (c as u64);
27+
assert!(lo == (expected as u32));
28+
assert!(hi == ((expected >> u32::BITS) as u32));
29+
}
30+
31+
fn carrying_mul_u64(a: u64, b: u64, c: u64) {
32+
let (lo, hi) = a.carrying_mul(b, c);
33+
let expected = (a as u128) * (b as u128) + (c as u128);
34+
assert!(lo == (expected as u64));
35+
assert!(hi == ((expected >> u64::BITS) as u64));
36+
}

kmir-proofs/0011-floats-ints/run-proofs.sh

Lines changed: 81 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,81 @@
1+
#!/bin/bash
2+
# Run KMIR passing proofs for Challenge 11: Safety of Methods for Numeric Primitive Types
3+
# https://model-checking.github.io/verify-rust-std/challenges/0011-floats-ints.html
4+
5+
set -eu
6+
7+
if ! command -v kmir &> /dev/null; then
8+
echo "ERROR: kmir not found on PATH"
9+
exit 2
10+
fi
11+
12+
DIR=$(realpath "$(dirname "$0")")
13+
cd "$DIR"
14+
15+
PROOF_DIR=proofs
16+
FAILED_PROOFS=""
17+
18+
# Mapping of FILENAME -> START_SYMBOLS
19+
declare -A FILE_SYMBOLS
20+
FILE_SYMBOLS=(
21+
[unchecked_add]="unchecked_add_u8 unchecked_add_u16 unchecked_add_u32 unchecked_add_u64 unchecked_add_u128 unchecked_add_i8 unchecked_add_i16 unchecked_add_i32 unchecked_add_i64 unchecked_add_i128"
22+
[unchecked_sub]="unchecked_sub_u8 unchecked_sub_u16 unchecked_sub_u32 unchecked_sub_u64 unchecked_sub_u128 unchecked_sub_i8 unchecked_sub_i16 unchecked_sub_i32 unchecked_sub_i64 unchecked_sub_i128"
23+
[unchecked_mul]="unchecked_mul_u8 unchecked_mul_u16 unchecked_mul_u32 unchecked_mul_u64 unchecked_mul_u128 unchecked_mul_i8 unchecked_mul_i16 unchecked_mul_i32 unchecked_mul_i64 unchecked_mul_i128"
24+
[unchecked_shl]="unchecked_shl_u8 unchecked_shl_u16 unchecked_shl_u32 unchecked_shl_u64 unchecked_shl_u128 unchecked_shl_i8 unchecked_shl_i16 unchecked_shl_i32 unchecked_shl_i64 unchecked_shl_i128"
25+
[unchecked_shr]="unchecked_shr_u8 unchecked_shr_u16 unchecked_shr_u32 unchecked_shr_u64 unchecked_shr_u128 unchecked_shr_i8 unchecked_shr_i16 unchecked_shr_i32 unchecked_shr_i64 unchecked_shr_i128"
26+
[unchecked_neg]="unchecked_neg_i8 unchecked_neg_i16 unchecked_neg_i32 unchecked_neg_i64 unchecked_neg_i128"
27+
[wrapping_shl]="wrapping_shl_u8 wrapping_shl_u16 wrapping_shl_u32 wrapping_shl_u64 wrapping_shl_u128 wrapping_shl_i8 wrapping_shl_i16 wrapping_shl_i32 wrapping_shl_i64 wrapping_shl_i128"
28+
[wrapping_shr]="wrapping_shr_u8 wrapping_shr_u16 wrapping_shr_u32 wrapping_shr_u64 wrapping_shr_u128 wrapping_shr_i8 wrapping_shr_i16 wrapping_shr_i32 wrapping_shr_i64 wrapping_shr_i128"
29+
[widening_mul]="widening_mul_u8 widening_mul_u16 widening_mul_u32 widening_mul_u64"
30+
[carrying_mul]="carrying_mul_u8 carrying_mul_u16 carrying_mul_u32 carrying_mul_u64"
31+
)
32+
33+
for file in "${!FILE_SYMBOLS[@]}"; do
34+
rs_file="${file}.rs"
35+
if [ ! -f "$rs_file" ]; then
36+
echo "ERROR: $rs_file not found"
37+
FAILED_PROOFS="${FAILED_PROOFS} ${file}(missing)"
38+
continue
39+
fi
40+
41+
symbols="${FILE_SYMBOLS[$file]}"
42+
echo "========================================="
43+
echo "File: $rs_file"
44+
echo "========================================="
45+
46+
for sym in $symbols; do
47+
proof_id="${file}.${sym}"
48+
echo "-----------------------------------------"
49+
echo "Proving: ${proof_id}"
50+
echo "-----------------------------------------"
51+
52+
if ! kmir prove --start-symbol "$sym" --terminate-on-thunk --proof-dir "$PROOF_DIR" --reload "$rs_file"; then
53+
FAILED_PROOFS="${FAILED_PROOFS} ${proof_id}"
54+
fi
55+
56+
kmir show --proof-dir "$PROOF_DIR" "${proof_id}" || true
57+
done
58+
done
59+
60+
echo ""
61+
echo "========================================="
62+
echo "SUMMARY"
63+
echo "========================================="
64+
65+
if [ -n "$FAILED_PROOFS" ]; then
66+
echo ""
67+
echo "FAILED:"
68+
for f in $FAILED_PROOFS; do
69+
echo " - $f"
70+
done
71+
echo ""
72+
echo -e "\033[31m=========================================\033[0m"
73+
echo -e "\033[31mSOME PROOFS FAILED\033[0m"
74+
echo -e "\033[31m=========================================\033[0m"
75+
exit 1
76+
fi
77+
78+
echo ""
79+
echo -e "\033[32m=========================================\033[0m"
80+
echo -e "\033[32mALL PROOFS PASSED\033[0m"
81+
echo -e "\033[32m=========================================\033[0m"

kmir-proofs/0011-floats-ints/unchecked_add.rs

Lines changed: 84 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,84 @@
1+
#![feature(unchecked_math)]
2+
3+
fn main() {
4+
unchecked_add_u8(0, 0);
5+
unchecked_add_u16(0, 0);
6+
unchecked_add_u32(0, 0);
7+
unchecked_add_u64(0, 0);
8+
unchecked_add_u128(0, 0);
9+
unchecked_add_i8(0, 0);
10+
unchecked_add_i16(0, 0);
11+
unchecked_add_i32(0, 0);
12+
unchecked_add_i64(0, 0);
13+
unchecked_add_i128(0, 0);
14+
}
15+
16+
fn unchecked_add_u8(a: u8, b: u8) {
17+
if let Some(expected) = a.checked_add(b) {
18+
let result = unsafe { a.unchecked_add(b) };
19+
assert!(result == expected);
20+
}
21+
}
22+
23+
fn unchecked_add_u16(a: u16, b: u16) {
24+
if let Some(expected) = a.checked_add(b) {
25+
let result = unsafe { a.unchecked_add(b) };
26+
assert!(result == expected);
27+
}
28+
}
29+
30+
fn unchecked_add_u32(a: u32, b: u32) {
31+
if let Some(expected) = a.checked_add(b) {
32+
let result = unsafe { a.unchecked_add(b) };
33+
assert!(result == expected);
34+
}
35+
}
36+
37+
fn unchecked_add_u64(a: u64, b: u64) {
38+
if let Some(expected) = a.checked_add(b) {
39+
let result = unsafe { a.unchecked_add(b) };
40+
assert!(result == expected);
41+
}
42+
}
43+
44+
fn unchecked_add_u128(a: u128, b: u128) {
45+
if let Some(expected) = a.checked_add(b) {
46+
let result = unsafe { a.unchecked_add(b) };
47+
assert!(result == expected);
48+
}
49+
}
50+
51+
fn unchecked_add_i8(a: i8, b: i8) {
52+
if let Some(expected) = a.checked_add(b) {
53+
let result = unsafe { a.unchecked_add(b) };
54+
assert!(result == expected);
55+
}
56+
}
57+
58+
fn unchecked_add_i16(a: i16, b: i16) {
59+
if let Some(expected) = a.checked_add(b) {
60+
let result = unsafe { a.unchecked_add(b) };
61+
assert!(result == expected);
62+
}
63+
}
64+
65+
fn unchecked_add_i32(a: i32, b: i32) {
66+
if let Some(expected) = a.checked_add(b) {
67+
let result = unsafe { a.unchecked_add(b) };
68+
assert!(result == expected);
69+
}
70+
}
71+
72+
fn unchecked_add_i64(a: i64, b: i64) {
73+
if let Some(expected) = a.checked_add(b) {
74+
let result = unsafe { a.unchecked_add(b) };
75+
assert!(result == expected);
76+
}
77+
}
78+
79+
fn unchecked_add_i128(a: i128, b: i128) {
80+
if let Some(expected) = a.checked_add(b) {
81+
let result = unsafe { a.unchecked_add(b) };
82+
assert!(result == expected);
83+
}
84+
}

kmir-proofs/0011-floats-ints/unchecked_mul.rs

Lines changed: 84 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,84 @@
1+
#![feature(unchecked_math)]
2+
3+
fn main() {
4+
unchecked_mul_u8(0, 0);
5+
unchecked_mul_u16(0, 0);
6+
unchecked_mul_u32(0, 0);
7+
unchecked_mul_u64(0, 0);
8+
unchecked_mul_u128(0, 0);
9+
unchecked_mul_i8(0, 0);
10+
unchecked_mul_i16(0, 0);
11+
unchecked_mul_i32(0, 0);
12+
unchecked_mul_i64(0, 0);
13+
unchecked_mul_i128(0, 0);
14+
}
15+
16+
fn unchecked_mul_u8(a: u8, b: u8) {
17+
if let Some(expected) = a.checked_mul(b) {
18+
let result = unsafe { a.unchecked_mul(b) };
19+
assert!(result == expected);
20+
}
21+
}
22+
23+
fn unchecked_mul_u16(a: u16, b: u16) {
24+
if let Some(expected) = a.checked_mul(b) {
25+
let result = unsafe { a.unchecked_mul(b) };
26+
assert!(result == expected);
27+
}
28+
}
29+
30+
fn unchecked_mul_u32(a: u32, b: u32) {
31+
if let Some(expected) = a.checked_mul(b) {
32+
let result = unsafe { a.unchecked_mul(b) };
33+
assert!(result == expected);
34+
}
35+
}
36+
37+
fn unchecked_mul_u64(a: u64, b: u64) {
38+
if let Some(expected) = a.checked_mul(b) {
39+
let result = unsafe { a.unchecked_mul(b) };
40+
assert!(result == expected);
41+
}
42+
}
43+
44+
fn unchecked_mul_u128(a: u128, b: u128) {
45+
if let Some(expected) = a.checked_mul(b) {
46+
let result = unsafe { a.unchecked_mul(b) };
47+
assert!(result == expected);
48+
}
49+
}
50+
51+
fn unchecked_mul_i8(a: i8, b: i8) {
52+
if let Some(expected) = a.checked_mul(b) {
53+
let result = unsafe { a.unchecked_mul(b) };
54+
assert!(result == expected);
55+
}
56+
}
57+
58+
fn unchecked_mul_i16(a: i16, b: i16) {
59+
if let Some(expected) = a.checked_mul(b) {
60+
let result = unsafe { a.unchecked_mul(b) };
61+
assert!(result == expected);
62+
}
63+
}
64+
65+
fn unchecked_mul_i32(a: i32, b: i32) {
66+
if let Some(expected) = a.checked_mul(b) {
67+
let result = unsafe { a.unchecked_mul(b) };
68+
assert!(result == expected);
69+
}
70+
}
71+
72+
fn unchecked_mul_i64(a: i64, b: i64) {
73+
if let Some(expected) = a.checked_mul(b) {
74+
let result = unsafe { a.unchecked_mul(b) };
75+
assert!(result == expected);
76+
}
77+
}
78+
79+
fn unchecked_mul_i128(a: i128, b: i128) {
80+
if let Some(expected) = a.checked_mul(b) {
81+
let result = unsafe { a.unchecked_mul(b) };
82+
assert!(result == expected);
83+
}
84+
}

kmir-proofs/0011-floats-ints/unchecked_neg.rs

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
#![feature(unchecked_neg)]
2+
3+
fn main() {
4+
unchecked_neg_i8(0);
5+
unchecked_neg_i16(0);
6+
unchecked_neg_i32(0);
7+
unchecked_neg_i64(0);
8+
unchecked_neg_i128(0);
9+
}
10+
11+
fn unchecked_neg_i8(a: i8) {
12+
if let Some(expected) = a.checked_neg() {
13+
let result = unsafe { a.unchecked_neg() };
14+
assert!(result == expected);
15+
}
16+
}
17+
18+
fn unchecked_neg_i16(a: i16) {
19+
if let Some(expected) = a.checked_neg() {
20+
let result = unsafe { a.unchecked_neg() };
21+
assert!(result == expected);
22+
}
23+
}
24+
25+
fn unchecked_neg_i32(a: i32) {
26+
if let Some(expected) = a.checked_neg() {
27+
let result = unsafe { a.unchecked_neg() };
28+
assert!(result == expected);
29+
}
30+
}
31+
32+
fn unchecked_neg_i64(a: i64) {
33+
if let Some(expected) = a.checked_neg() {
34+
let result = unsafe { a.unchecked_neg() };
35+
assert!(result == expected);
36+
}
37+
}
38+
39+
fn unchecked_neg_i128(a: i128) {
40+
if let Some(expected) = a.checked_neg() {
41+
let result = unsafe { a.unchecked_neg() };
42+
assert!(result == expected);
43+
}
44+
}

0 commit comments

Comments
 (0)